A critical security vulnerability in the iTunes application for Windows 10 and Windows 11 users could have enabled malicious attackers to arbitrarily execute code remotely, Apple has confirmed in a support document published 8 May.Willy R. Vasquez, a Ph.D student and security researcher with The University of Texas at Austin, whose sandboxing code contributions can be found in the Firefox 117 web browser, was behind the discovery of CVE-2024-27793.
In other words, an attacker could trigger a maliciously crafted request while parsing a file that could enable them to execute arbitrary code. The attacker, it should be said, doesn’t have to be someone with local access to the Windows machine in question. That the vulnerability could lead to such remote code execution is the primary reason for the CVSS v3 critical rating of 9.1 out of 10.
Technology Technology Latest News, Technology Technology Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Source: ForbesTech - 🏆 318. / 59 Read more »
Source: ForbesTech - 🏆 318. / 59 Read more »
Source: ForbesTech - 🏆 318. / 59 Read more »